741 matches found
Horner Automation Cscape 缓冲区错误漏洞
Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data. If a user...
Horner Automation Cscape 缓冲区错误漏洞
Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data, and allows...
Horner Automation Cscape 缓冲区错误漏洞
Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 6 and prior versions, which arises from failure to properly validate user-supplied data. If a user...
Ubuntu: Security Advisory (USN-324-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5528-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the TTFRenderTextSolid. This vulnerability is triggered by a crafted TTF file. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Issue...
CVE-2022-27470
SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...
DEBIAN-CVE-2022-27470
SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...
CVE-2022-24092
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...
CVE-2022-24092
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...
CVE-2022-24091
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...
CVE-2022-24091
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...
CVE-2021-30771
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...
Input validation
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...
Cross site scripting
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...
CVE-2021-30771
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...
CVE-2021-30771
The CVE-2021-30771 entry affects Apple’s FontParser component (macOS Big Sur 11.4, iOS 14.6/iPadOS 14.6, watchOS 7.5, tvOS 14.6). It is caused by an out-of-bounds write when processing a maliciously crafted font file, with the impact described as arbitrary code execution. Apple’s advisory indicat...
CVE-2022-24092 Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...
Denial Of Service (DoS)
pcf2bdf is vulnerable to denial of service. The vulnerability exists because, a segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file...
DEBIAN-CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...